To our knowledge, there has been no work that has attempted to
relate Bitcoin addresses to specific IPs. The ability to create such
mappings is important since there have been cases where individuals
participating in P2P networks have been identified by law
enforcement after their ISPs had been subpoenaed.

…

By analyzing 5 months of data we collected using our custom-built
Bitcoin client, we were able to classify distinct transaction relay
patterns and design heuristics for hypothesizing transaction
ownership. We then demonstrated how Bitcoin address-to-IP mappings
can be derived and evaluated using aggregate statistics from our
transaction data.

The paper, by respectable researchers (one them is a former colleague
who moved to academia), appeared in the Financial Cryptography and
Data Security Conference. The
program committee is full of well-known academic researchers. The
paper shows how to determine some IP addresses of users who make
Bitcoin transactions, and it does this by actively connecting to all
listening peers on the Bitcoin network, continuously over 5 months.
They gather 60GB of data per week, and as far as I can tell from their
paper, they have not deleted the data. The IP addresses that they
collect are explicitly not logged by the Bitcoin system; and it is
clear that some Bitcoin users, whether foolishly or not, have some
expectation of privacy.

This paper seems to have the ethical blessing of the academic security
establishment. We don’t yet know the details of the CERT work, but I
think in fairness it deserves to be judged by the same standard.